OSINT

OSINT is a collection of various intelligence gathering disciplines, which are used in support of information security. The basic methodologies and concepts used for gathering and analyzing information that has been gathered from public or non-protected sources. The term OSINT can also be interpreted as "Open Source Intelligence," but the term has been used in such a way that it is now an acronym for Open Source Information.
OSINT is information that comes from publicly available sources, such as:
• News media and social media
• Radio and TV broadcasts
• Print media, trade journals, industry publications and other advertising materials
• The Internet and all its resources: websites, online forums and blogs, pictures and videos posted by users on social media sites (such as YouTube)
• Specialized documents, such as government documents (classified or not), military manuals and private organizational documents (including membership rosters)
• Geodata (maps).

Active, semi-passive, and passive strategies are all used to acquire OSINT, with each method having its own advantages. The decision to choose one over the other is based on the situation and the kind of intelligence that you are interested in learning about.
By default, passive collection should be used by most OSINT gathering methods because the primary goal of OSINT gathering is to gather information about the target through publicly available resources.

Active Collection - Active collection is the most common type of collection used when collecting OSINT intelligence.

Semi-passive - This method of data collection is more technical in nature, and it involves sending internet traffic to target servers in order to gain general information about them. In order to avoid attracting any notice to your reconnaissance actions, this traffic should look and behave like regular internet traffic. In this manner, you are not doing an in-depth study of the target's web resources, but are instead conducting a light inquiry without raising any alarms inside the organisation you are researching instead.

Activate Collection - In this type of collection, you interact directly with the system in order to gather intelligence about it. However, because the person or entity collecting information will use advanced techniques to harvest technical data about the target IT infrastructure such as accessing open ports, scanning for vulnerabilities (such as unpatched Windows systems), scanning web server applications, and more, the target may become aware of the reconnaissance process. In the target's intrusion detection system (IDS) or intrusion prevention system (IPS), this traffic will seem to be unusual behaviour, and it will almost certainly leave traces on the system (IPS).

There are a variety of different organisations that might benefit from open-source information. I'll mention a few of them below and discuss what drives each of them to acquire open-source intelligence.

Government - Governmental organisations, particularly military agencies, are often regarded as the greatest consumers of operational intelligence (OSINT). National security, counterterrorism, terrorist cyber tracking, understanding domestic and international public opinion on various subjects, supplying policymakers with necessary information to influence their internal and external policies, and exploitation of foreign media in order to obtain translations of various events are just a few of the many uses for OSINT that governments have.
International Organizations
- Organizations such as the United Nations (UN) employ OSINT to assist peacekeeping activities all over the world. Humanitarian organisations, such as the International Red Cross, rely on operational intelligence (OSINT) to assist them in their relief activities during times of catastrophe or crisis. They employ OSINT information to defend their supply chain from terrorist organisations by analysing social media sites and internet chat sites in order to forecast future terrorist acts and so secure their supply chain.

Businesses - Information is power, and businesses utilize OSINT to study new markets, monitor the actions of their rivals, plan marketing campaigns, and foresee anything that might have an impact on their operations or jeopardise their future development. Businesses also utilize OSINT intelligence for non-financial goals, most notably to combat data leakage. OSINT sources from both outside and inside the organisation are analysed and combined with other information to produce an effective cyber-risk management policy that assists the company in protecting its financial interests, reputation, and customer base.

Security and cybercrime organisations - Open source intelligence (OSINT) is used widely by hackers and penetration testers to collect information about a given target online. It is also regarded as a significant instrument for assisting in the execution of social engineering operations. Recognition is the initial part of any penetration testing technique, and it is the most important phase (in other words, with OSINT).

Criminal Organizations - Criminal organisations use OSINT to plan attacks, collect information about targets before attacking them (for example, using Google Maps to investigate locations), groom fighters by analysing social media sites, obtain military information accidentally revealed by governments (such as how to construct bombs), and spread their propaganda.

Information obtained from open sources can be used as evidence. It is critical that practitioners get accurate information and document their activities even if they do not expect the documents to be used as evidence. Even if they had no intention of doing so, the material collected using OSINT could be used in court later.

Incorporating the appropriate OSINT tool into a company's security strategy can help to improve cybersecurity by assisting in the discovery of information about the company, its employees, its information technology assets, and other confidential or sensitive data that could be exploited by an attacker. It is possible to decrease anything from phishing to denial-of-service assaults by first discovering the information and then concealing or deleting it from view.
After that, in no particular order, we'll go over some of the most popular open source intelligence (OSINT) tools, what areas of expertise they specialise in, why they're unique and different from one another, and what specific value they can potentially provide in support of an organization's cyber security efforts.
Some of the important OSINT tools are:

Maltego
Mitaka
SpiderFoot
Spyse
BuiltWith
Intelligence X
DarkSearch.io
Grep.app
Recon-ng
theHarvester
Shodan
Metagoofil
Searchcode
SpiderFoot
Babel X

OSINT is critical in maintaining control over the information pandemonium. IT is required to perform three critical duties within OSINT, and a broad variety of OSINT tools has been created to assist in meeting those requirements.. The majority of tools are capable of doing all three duties, however several are particularly good in one area.

1. Identifying assets that are visible to the public

One of their most prevalent functions is assisting IT teams in identifying publicly accessible assets and mapping the information that each asset holds that might contribute to a possible attack surface. Aside from looking for things like software vulnerabilities and doing penetration testing, they don't generally attempt to do anything else. Their primary responsibility is to document any information that might be publicly discovered about or about firm assets without resorting to hacking.

2. Explore resources outside of the organisation to find relevant information

Some OSINT systems also perform a secondary role, which is the search for relevant information outside of an organisation, such as in social media postings or at domains and places that may be outside of a tightly defined network. Businesses that have acquired a large number of companies, bringing with them the information technology assets of the companies they have acquired, may find this function to be quite valuable. Given the enormous expansion and popularity of social media, searching for sensitive information outside of the corporate boundary is likely to be beneficial for almost any organisation, regardless of industry.

3. Organize the newly acquired material into a usable way

Finally, certain OSINT technologies can assist in compiling and organising all of the material that has been gathered into meaningful and actionable intelligence. If you do an OSINT scan for a major business, you might expect to get hundreds of thousands of results, particularly if you include both internal and external assets. Being able to put all of that information together and deal with the most critical issues first may be really beneficial.